2017 Year in Review - Cybersecurity

By Trevor Schmitt

[Picture: Globe (License: Public Domain)]

2017 Cybersecurity Statistics

As expected, 2017 brought more cybersecurity incidents than any previous year. Apart from a reduction in the average cost to organizations for each lost or stolen data record (down from $158 in 2016 to $141 in 2017), the social and economic costs of cybersecurity vulnerabilities rose significantly across the board. Here are the numbers:

  • In the first half of 2017, over 900 data breaches exposed almost 2 billion records, an increase of 164% over the last six months of 2016. (link)
  • By year end, the Identity Theft Resource Center and CyberScout had counted a record 1,579 data breaches, an overall increase of 44% from 2016. (link)
  • These breaches largely stem from an uptick in cyber-attacks targeting businesses, which climbed from 82,000 in 2016 to nearly double that figure, 159,700, in 2017. The increase is due in part to the rise of mass ransomware campaigns. (link)
  • In the United States, 16.7 million consumers were victims of identity fraud in 2017, an 8% increase from 2016. (link)
  • Worldwide spending on cybersecurity rose 7% to a record setting high of $86.4 billion in 2017 compared to 2016. (link)

As striking as these statistics are, not all cyber-incidents are created equal. Beyond the sheer increase in the number of attacks, 2017 saw some of the most devastating single-origin incidents on record, in terms of both geographic reach and overall cost.

Major Cyber-Attacks

While firms spent massive amounts of resources attempting to reduce their cybersecurity vulnerabilities, cybercriminals spent 2017 finding and refining innovative and powerful ways to extort their victims at scale. The global criminal hacking community (including certain nation-states) used these new methods to carry out last year’s largest breaches. A few examples:

  • WannaCry – In May, the WannaCry ransomware worm spread to systems in over 150 countries. It propagated using EternalBlue, a leaked exploit attributed to the U.S. National Security Agency, against a vulnerability in Windows SMB that Microsoft had already patched in March (MS17-010); the systems hit were those still unpatched or running end-of-life Windows versions. Once on a system, the malware encrypted files and demanded a ransom, paid in Bitcoin, to unlock them. An estimated 300,000 systems were infected, including at hospitals, car manufacturers, and public utilities. In December, U.S. officials publicly blamed North Korea for the attack.
  • NotPetya – Just a month after WannaCry, in June, malware dubbed “NotPetya” began infecting businesses across the globe. It was seeded through a trojanized update of the Ukrainian accounting software M.E.Doc and, although it initially hit Ukrainian businesses, it spread inside corporate networks, using the same EternalBlue exploit as WannaCry together with stolen Windows credentials, to several global advertising, shipping, and energy giants. Although it presented itself as ransomware, paying did not recover files; in practice it was a destructive wiper. In early September, FedEx reported losses of about $300 million as a result of the attack. In February 2018, the U.S. and U.K. governments publicly attributed the attack to the Russian military.
  • Equifax – In September, the major U.S. credit reporting agency Equifax announced that criminal hackers had exploited a known vulnerability in the open source Apache Struts web framework (CVE-2017-5638, for which a patch had been available since March) to steal information on about 145 million U.S. consumers. Although less globally significant than WannaCry and NotPetya, the Equifax breach stands out because the records involved were highly sensitive: names, Social Security numbers, birth dates, addresses, and in some cases driver's license numbers.
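The Struts flaw behind the Equifax breach was triggered by an OGNL expression placed in the Content-Type request header, which is a field no legitimate client ever fills with an expression. As an added example (not code from the original article or from Equifax), the following Python scans web-server access logs for that pattern. It assumes a hypothetical log format in which the request's Content-Type header is appended as a final quoted field (for example an Apache LogFormat ending in "%{Content-Type}i"); the log lines themselves are constructed for this example.

```python
import re
from dataclasses import dataclass, field

# Assumed (hypothetical) log format: combined log plus the request's Content-Type
# header as a final quoted field. Adjust LINE_RE for a real deployment.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<ctype>[^"]*)"$'
)

# CVE-2017-5638 was triggered when Struts' multipart parser echoed a malformed
# Content-Type into an error message that was then evaluated as OGNL. A valid
# Content-Type (e.g. "multipart/form-data; boundary=...") never contains an
# expression delimiter, so its presence alone is a strong signal.
OGNL_DELIMITERS = ("%{", "${")
# Symbols that typically appear inside the smuggled expression; reported as detail.
OGNL_HINTS = ("#_memberAccess", "@ognl", "ProcessBuilder", "getRuntime", "#cmd", "#")

# Constructed sample log lines: two benign requests and two exploitation attempts.
SAMPLE_LOG = r'''
10.0.0.5 - - [08/Mar/2017:10:02:11 +0000] "POST /upload.action HTTP/1.1" 200 512 "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxk"
10.0.0.6 - - [08/Mar/2017:10:02:30 +0000] "GET /index.action HTTP/1.1" 200 2048 "-"
203.0.113.9 - - [08/Mar/2017:10:03:40 +0000] "POST /index.action HTTP/1.1" 500 0 "%{(#_='multipart/form-data').(#cmd='id').(#p=new java.lang.ProcessBuilder(#cmd)).(#p.start())}"
198.51.100.7 - - [08/Mar/2017:10:05:02 +0000] "GET /index.action HTTP/1.1" 200 2048 "${#_memberAccess['allowStaticMethodAccess']=true}"
'''.strip().splitlines()


@dataclass
class Hit:
    ip: str
    path: str
    content_type: str
    reasons: list = field(default_factory=list)


def inspect_content_type(ctype: str) -> list:
    """Return the reasons a Content-Type value looks like an OGNL injection (empty if clean)."""
    reasons = []
    if any(d in ctype for d in OGNL_DELIMITERS):
        reasons.append("expression delimiter in Content-Type")
        hints = [h for h in OGNL_HINTS if h in ctype]
        if hints:
            reasons.append("OGNL/Java symbols: " + ", ".join(hints))
    return reasons


def scan(lines) -> list:
    """Parse each log line and collect requests whose Content-Type carries an expression."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line; a production pipeline should count these
        reasons = inspect_content_type(m["ctype"])
        if reasons:
            hits.append(Hit(m["ip"], m["path"], m["ctype"], reasons))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"{hit.ip} {hit.path}: {'; '.join(hit.reasons)}")
```

A match here is a triage signal, not proof of compromise: the request may have been blocked, or the server may not run Struts at all. Conversely, the absence of matches says nothing about other exploitation paths. The fix is the one Equifax missed, which is applying the Struts patch; header inspection only tells you who tried.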

In response to the growing number of attacks connected to nation-states, some experts in 2017 called for an international response to the global cybercrime crisis. Despite important steps forward, efforts to agree on a workable international legal regime for cyberspace largely failed.

[Inter]National Cyber Law

Hopes were set high for international cooperation following the release of the Tallinn Manual 2.0 in early 2017. The manual, a collective effort of internationally renowned international-law and cybersecurity experts, is a non-binding reference for states on how existing international law applies to cyber operations. Where the first edition focused on cyber operations during armed conflict, the 2.0 edition also addresses the far more common peacetime operations that fall below that threshold.

Despite the early success of the Tallinn Manual 2.0, 2017 ended without international agreement. In June 2017, the U.N.-sponsored Group of Governmental Experts (GGE) announced that it had failed to reach consensus on how international law and norms apply in cyberspace. The announcement marked the unsuccessful end of a nearly seven-year process to write the rules for state activity in cyberspace.

Much, if not all, of 2017 is defined by the failure of cybersecurity efforts to fend off malicious attacks by both private and state actors. Without international agreement on a viable legal framework, or innovative technical solutions, the global population remains vulnerable. But maybe things will get better. After all, there's always next year.